Creasito E-commerce Content Manager Security Vulnerabilities and Issues — Creasito E-commerce Content Manager CVE List

Lucene search

CreasitoCreasito E-commerce Content Manager

2 matches found

CVE•added 2010/07/12 1:27 p.m.•38 views

CVE-2009-4925

Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2) checkuser.php.

6.8CVSS8.8AI score0.00405EPSS

CVE•added 2006/11/07 12:7 a.m.•28 views

CVE-2006-5777

Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perform privileged functions via a non-empty finame parameter to (1) addnewcont.php, (2) adminpassw.php, (3) amministrazione.php, (4) artins.php, (5) bgcolor.php, (6) cancartcat.php, (7) canccat.php, (8)...

7.5CVSS7.2AI score0.04943EPSS